diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_set.c | 8 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509cset.c | 8 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509rset.c | 5 |
3 files changed, 18 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c index b56d30aec5..684a899781 100644 --- a/src/lib/libcrypto/x509/x509_set.c +++ b/src/lib/libcrypto/x509/x509_set.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_set.c,v 1.26 2023/06/23 08:00:28 tb Exp $ */ | 1 | /* $OpenBSD: x509_set.c,v 1.27 2024/03/26 11:09:37 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -84,6 +84,12 @@ X509_set_version(X509 *x, long version) | |||
| 84 | { | 84 | { |
| 85 | if (x == NULL) | 85 | if (x == NULL) |
| 86 | return (0); | 86 | return (0); |
| 87 | /* | ||
| 88 | * RFC 5280, 4.1: versions 1 - 3 are specified as follows. | ||
| 89 | * Version ::= INTEGER { v1(0), v2(1), v3(2) } | ||
| 90 | */ | ||
| 91 | if (version < 0 || version > 2) | ||
| 92 | return (0); | ||
| 87 | if (x->cert_info->version == NULL) { | 93 | if (x->cert_info->version == NULL) { |
| 88 | if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL) | 94 | if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL) |
| 89 | return (0); | 95 | return (0); |
diff --git a/src/lib/libcrypto/x509/x509cset.c b/src/lib/libcrypto/x509/x509cset.c index 7904a7d670..a80d5f21d3 100644 --- a/src/lib/libcrypto/x509/x509cset.c +++ b/src/lib/libcrypto/x509/x509cset.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509cset.c,v 1.19 2023/02/16 08:38:17 tb Exp $ */ | 1 | /* $OpenBSD: x509cset.c,v 1.20 2024/03/26 11:09:37 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| @@ -78,6 +78,12 @@ X509_CRL_set_version(X509_CRL *x, long version) | |||
| 78 | { | 78 | { |
| 79 | if (x == NULL) | 79 | if (x == NULL) |
| 80 | return (0); | 80 | return (0); |
| 81 | /* | ||
| 82 | * RFC 5280, 4.1: versions 1 - 3 are specified as follows. | ||
| 83 | * Version ::= INTEGER { v1(0), v2(1), v3(2) } | ||
| 84 | */ | ||
| 85 | if (version < 0 || version > 1) | ||
| 86 | return (0); | ||
| 81 | if (x->crl->version == NULL) { | 87 | if (x->crl->version == NULL) { |
| 82 | if ((x->crl->version = ASN1_INTEGER_new()) == NULL) | 88 | if ((x->crl->version = ASN1_INTEGER_new()) == NULL) |
| 83 | return (0); | 89 | return (0); |
diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c index b05b2a1c91..6ac64f199d 100644 --- a/src/lib/libcrypto/x509/x509rset.c +++ b/src/lib/libcrypto/x509/x509rset.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509rset.c,v 1.14 2024/03/25 12:10:57 jsing Exp $ */ | 1 | /* $OpenBSD: x509rset.c,v 1.15 2024/03/26 11:09:37 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -70,6 +70,9 @@ X509_REQ_set_version(X509_REQ *x, long version) | |||
| 70 | { | 70 | { |
| 71 | if (x == NULL) | 71 | if (x == NULL) |
| 72 | return (0); | 72 | return (0); |
| 73 | /* RFC 2986 section 4.1 only specifies version 1, encoded as a 0. */ | ||
| 74 | if (version != 0) | ||
| 75 | return (0); | ||
| 73 | x->req_info->enc.modified = 1; | 76 | x->req_info->enc.modified = 1; |
| 74 | return (ASN1_INTEGER_set(x->req_info->version, version)); | 77 | return (ASN1_INTEGER_set(x->req_info->version, version)); |
| 75 | } | 78 | } |